sbassett closed this task as "Resolved".
sbassett added a comment.
We're going to resolve this for now as {icon check-circle color=green} **low
risk** since none of the new security tooling added to the Github repo has
returned any medium+ risk actionable issues. One caveat would be noting (in
the README or wherever) as a kinda-false-positive (and possibly suppressing
<https://semgrep.dev/docs/ignoring-findings/>) the TLS issue found by semgrep
so as not to cause any future concern. Otherwise, consider this unblocked from
an #application_security_reviews
<https://phabricator.wikimedia.org/tag/application_security_reviews/>
perspective.
TASK DETAIL
https://phabricator.wikimedia.org/T292110
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Reedy, sbassett
Cc: Lucas_Werkmeister_WMDE, sbassett, Michaelcochez, Martaannaj,
Lydia_Pintscher, Addshore, WMDE-leszek, karapayneWMDE, Aklapper, Invadibot,
Devnull, maantietaja, Akuckartz, Jcross, Dsharpe, DannyS712, Nandana, Lahi,
Gq86, GoranSMilovanovic, QZanden, LawExplorer, _jensen, rosalieper, Scott_WUaS,
Wikidata-bugs, aude, Bawolff, Mbch331, Legoktm
_______________________________________________
Wikidata-bugs mailing list -- wikidata-bugs@lists.wikimedia.org
To unsubscribe send an email to wikidata-bugs-le...@lists.wikimedia.org
